authentication : allow to store the password when the authentication is valid in REST.

authentication : JWT token management


git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5785 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2019-12-04 14:49:02 +00:00
parent 0aaf30dd6e
commit cc3293bb4d


@@ -257,9 +257,11 @@ class authentication
// }}} // }}}
/** Check all the REST API /** Check all the REST API
* @param boolean|null $savePassword return the user password if the
* authentication is valid
* @return array The details provided by the authentication mecanism * @return array The details provided by the authentication mecanism
*/ */
public function verifAuthREST () public function verifAuthREST ($savePassword = false)
// {{{ // {{{
{ {
if ($this->debug) if ($this->debug)
@@ -281,14 +283,20 @@ class authentication
throw new \Exception (dgettext ("domframework", throw new \Exception (dgettext ("domframework",
"Authentication error"), 403); "Authentication error"), 403);
} }
if ($savePassword === true && $authparams->email !== "anonymous")
$res["password"] = $authparams->password;
return $res; return $res;
} }
// }}} // }}}
/** Return the JSON Web Token /** Return the JSON Web Token
* @param string $email The user email to store in JSON Web Token payload * @param string|array $payload The user email to store in JSON Web Token
* payload. If an array is provided, it will be the payload
* The $this->authServers["authjwt"]["algorithm"],
* $this->authServers["authjwt"]["cipherKey"] and
* $this->authServers["authjwt"]["serverKey"] can be set
*/ */
public function createJwtToken ($email) public function createJwtToken ($payload)
// {{{ // {{{
{ {
if (isset ($this->authServers["authjwt"]["serverKey"])) if (isset ($this->authServers["authjwt"]["serverKey"]))
@@ -296,14 +304,21 @@ class authentication
// Set the JSON Web Token as the authentication is valid // Set the JSON Web Token as the authentication is valid
require_once ("domframework/jwt.php"); require_once ("domframework/jwt.php");
$algorithm = "HS256"; $algorithm = "HS256";
$cipherKey = null;
if (isset ($this->authServers["authjwt"]["algorithm"])) if (isset ($this->authServers["authjwt"]["algorithm"]))
$algorithm = $this->authServers["authjwt"]["algorithm"]; $algorithm = $this->authServers["authjwt"]["algorithm"];
if (isset ($this->authServers["authjwt"]["cipherKey"]))
$cipherKey = $this->authServers["authjwt"]["cipherKey"];
$payloadArray = array(); $payloadArray = array();
$payloadArray["email"] = $email; $payloadArray["email"] = $payload;
if (is_array ($payload))
$payloadArray = $payload;
if (! key_exists ("email", $payloadArray) ||
$payloadArray["email"] === "anonymous")
throw new \Exception ("JWT Must authenticate", 401);
$jwt = new jwt (); $jwt = new jwt ();
$token = $jwt->encode ($payloadArray, $token = $jwt->encode ($payloadArray,
$this->authServers["authjwt"]["serverKey"], $this->authServers["authjwt"]["serverKey"], $algorithm, $cipherKey);
$algorithm);
return $token; return $token;
} }
} }
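Review bot: In createJwtToken, an array payload is handed to `$jwt->encode` unchanged while `$cipherKey` defaults to null, so a caller that forwards the result of `verifAuthREST (true)` would place the cleartext `password` in a token that is only signed, and a signed JWT payload is base64url-encoded JSON readable by anyone holding the token. No such caller is visible on this page, and how `jwt::encode` uses `$cipherKey` is not shown, so this assumes the key is what enables payload encryption. A guard before the encode call would make the requirement explicit: `if (key_exists ("password", $payloadArray) && $cipherKey === null) throw new \Exception ("JWT cipherKey required when the payload carries a password", 500);`. The verifAuthREST docblock should also state that with `$savePassword` set the returned array holds the cleartext password and must not be logged or serialised.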